S. Staniford-Chen, S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, C. Wee, R. Yip, D. Zerkle  Home/Search
Context Related
| ucdavis.edu/papers/nissc96.ps nasa.gov/ic/people/frank/nissc96.ps umass.edu/~pxuan/survived...nissc96.ps Cached: PS.gz PS PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
Image Update HelpPS.gz PS PDF From: mmidia.inf.ufrgs.br/books/m...apa (more) From: umass.edu/~pxuan/survivable (Enter author homepages) |
Rate this article:      (best)Comment on this article |
Abstract: There is widespread concern that large-scale malicious attacks on computer networks could cause serious disruption to network services. We present the design of GrIDS (Graph-Based Intrusion Detection System). GrIDS collects data about activity on computers and network traffic between them. It aggregates this information into activity graphs which reveal the causal structure of network activity. This allows large-scale automated or co-ordinated attacks to be detected in near real-time. In... (Update)
Context of citations to this paper: More
.... Examples include University of California Davis Network Security Monitor [4] and DIDS [13] More recent models, such as UC Davis GrIDS [14], UC Santa Barbara s NetSTAT [15] Purdue s AAFID [1] and SRI s EMERALD [11] pay more attention to intrusion detection for large scale...
...can be analyzed in concert. 5.2. 1 GrIDS The Graph Based Intrusion Detection System (GrIDS) uses a decentralized approach [Staniford Chen96]. GrIDS is concerned with detecting intrusions that involve connections between many nodes. It constructs activity graphs to...
Cited by: More
Hipip: High Performance Invocation Protection - Connelly (2003) (Correct)
Distributed Pattern Detection for Intrusion Detection - Krügel, Toth (2002) (Correct)
Modeling Requests among Cooperating Intrusion Detection Systems - Ning, Wang, Jajodia (2000) (Correct)
Similar documents (at the sentence level):
5.5%: The Design of GrIDS: A Graph-Based Intrusion Detection .. - Cheung, Crawford.. (1999) (Correct)
5.1%: GrIDS - A Graph-Based Intrusion Detection System.. - Staniford-Chen.. (1996) (Correct)
Active bibliography (related documents): More All
0.2: Diversity as a Defense Strategy in Information - Evidence (Correct)
0.1: Intrusion Detection: A Study - Blomqvist, Skantze (1995) (Correct)
0.1: Research in Intrusion-Detection Systems: A Survey - Axelsson (1998) (Correct)
Similar documents based on text: More All
0.1: Audit Log Analysis Using the Visual Audit Browser Toolkit - Hoagland, Wee, Levitt (1995) (Correct)
0.1: NetKuang -- A Multi-Host Configuration Vulnerability Checker - Dan Zerkle (1996) (Correct)
0.1: A Graph-based Language for Specifying Security Policies - Hoagland, Pandey, Levitt (Correct)
Related documents from co-citation: More All
6: Abstraction-based misuse detection: High-level specications and adaptable strate.. - Lin, Wang et al. - 1998
6: EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances - Porras, Neumann - 1997
5: Haystack: An intrusion detection system (context) - Smaha - 1988
BibTeX entry: (Update)
S. Staniford-Chen, S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, C. Wee, R. Yip, and D. Zerkle. GrIDS - a graph based intrusion detection system for large networks. In Proceedings of the 19th National Information Systems Security Conference, volume 1, pages 361--370, October 1996. http://citeseer.ist.psu.edu/article/staniford-chen96grids.html More
@inproceedings{ stanifordchen96grids,
author = "S. Staniford-Chen and S. Cheung and R. Crawford and M. Dilger and J. Frank and J. Hoagland and K. Levitt and C. Wee and R. Yip and D. Zerkle",
title = "{GrIDS} -- {A} Graph-based Intrusion Detection System for Large Networks",
booktitle = "Proceedings of the 19th National Information Systems Security Conference",
year = "1996",
url = "citeseer.ist.psu.edu/article/staniford-chen96grids.html" }
Citations (may not include all citations):121 An intrusion detection model (context) - Denning - 1986
121 Network intrusion detection (context) - Mukherjee, Heberlein et al. - 1994
79 Computer security threat monitoring and surveillance (context) - Anderson - 1980
68 A network security monitor (context) - Heberlein - 1990
63 Nextgeneration intrusion detection expert system - Anderson, Frivold et al. - 1995
41 Expert systems in intrusion detection: A case study (context) - Sebring - 1988
18 An expert system application for network intrusion detection (context) - Jackson, DuBois et al. - 1991
4 A tour of the worm (context) - Seely - 1991
2 IDES: The enhanced prototype (context) - Lunt - 1988
2 architecture and an early prototype (context) - Snapp, -- - 1991
1 and Craig Leres (context) - McCanne, Jacobsen
1 The Design of GrIDS: A Graph-Based Intrusion Detection Syste.. (context) - Research
The graph only includes citing articles where the year of publication is known.
Documents on the same site (http://mmidia.inf.ufrgs.br/books/maxsecurity/apa/apa.htm): More
Simulating Concurrent Intrusions for Testing.. - Chung, Puketza.. (1995) (Correct)
X Through the Firewall, and Other Application Relays - Treese, Wolman (1993) (Correct)
Ensuring Atomicity of Multilevel Transactions - Ammann, Jajodia, Ray (1996) (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC